Cool ICE data wizard

ABSTRACT

An apparatus for and method of utilizing an internet terminal coupled to the world wide web using HTML communications protocol to access an existing proprietary data base management system having varying requirements for command language format. The user request is received by a web server from the world wide web. The command language script is generated in response to data supplied by the user as entries in HTML screens. The script writer, called data wizard converts these inputs into one or more sequenced commands in the command language of the data base management system. These data base management commands are sequentially presented to the data base management system and the intermediate products stored. After all of the sequenced data base management commands have been executed, the web server combines the intermediate products to form a complete response to the initial user request. The response is transferred to the user over the world wide web. The sequenced commands may be stored for future use.

CROSS REVERENCE TO CO-PENDING APPLICATIONS

U.S. patent application Ser. No. 09/164,759, filed Oct. 1, 1998, andentitled, “A Common Gateway Which Allows Applets to Make Program Callsto OLTP Applications Executing on an Enterprise Server”; U.S. patentapplication Ser. No. 09/164,932, filed Oct. 1, 1998, and entitled, “AMulti-Client User Customized DOM Gateway for an OLTP Enterprise ServerApplication”; U.S. patent application Ser. No. 09/164,908, filed Oct. 1,1998, and entitled, “An Automated Development System for DevelopingApplications that Interface with Both Distributed Component Object Model(DOM) and Enterprise Server Environments”; U.S. patent application Ser.No. 09/164,953, filed Oct. 1, 1998, and entitled, “Providing a ModularGateway Architecture Which Isolates Attributes of the Client and ServerSystems into Independent Components”; U.S. patent application Ser. No.09/164,822, filed Oct. 1, 1998, and entitled, “Making CGI Variables andCookie Information Available to an OLTP System”; U.S. patent applicationSer No. 09/164,673, filed Oct. 1, 1998, and entitled, “A Gateway forDynamically Providing Web Site Status Information”; U.S. patentapplication Ser. No. 09/168,756, filed Oct. 1, 1998, and entitled,“Development System for Automatically Enabling a Server Application toExecute with an XATMI-complaint transaction MGR :Managing Transactionswithin Multiple Environments”; U.S. patent application Ser. No.09/189,053, filed Nov. 9, 1998, and entitled, “Cool ICE BatchInterface”; U.S. patent application Ser. No. 09/189,381, filed Nov. 9,1998, and entitled, “Cool ICE Debug”; U.S. patent application Ser. No.09/188,628, and entitled, “Cool ICE Workstation Directory/File Browser”;U.S. patent application Ser. No. 09/188,840, filed Nov. 9, 1998, andentitled, “Cool ICE Icons”; Cool Ice Repository, “Cool ICE Repository”;U.S. patent application Ser. No. 09/188,738, filed Nov. 9, 1998, andentitled, “Cool ICE Service Templates”; U.S. patent application Ser. No.09/189,383, filed Nov. 9, 1998, and entitled, “Automatic Footer Text onHTML Pages”; U.S. patent application Ser. No. 09/189,615, filed Nov. 9,1998, and entitled, “Availability Message”; U.S. patent application Ser.No. 09/189,611, filed Nov. 9, 1998, and entitled, “Cool ICE SystemSettings”; U.S. patent application Ser. No. 09/188,807, filed Nov. 9,1998, and entitled, “Cool ICE Service Handler”; U.S. patent applicationSer. No. 09/188,725, filed Nov. 9, 1998, and entitled, “Server SideVariables”; U.S. patent application Ser. No. 09/188,625, filed Nov. 9,1998, and entitled, “Cool ICE State Management”; U.S. patent applicationSer. No. 09/188,649, filed Nov. 9, 1998, and entitled, “Cool ICE ColumnProfiling”; U.S. patent application Ser. No. 09/189,635, filed Nov. 9,1998, and entitled, “Cool ICE Table Profiling”; and U.S. patentapplication Ser. No. 09/189,160, filed Nov. 9, 1998, and entitled, “CoolICE Database Profiling” are commonly assigned co-pending applicationsincorporated herein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention:

The present invention generally relates to data base management systemsand more particularly relates to enhancements for providing access todata base management systems via internet user terminals.

2. Description of the prior art:

Data base management systems are well known in the data processing art.Such commercial systems have been in general use for more than 20 years.One of the most successful data base management systems is availablefrom Unisys Corporation and is called the Classic MAPPER® data basemanagement system. The Classic MAPPER system can be reviewed using theClassic MAPPER User's Guide which may be obtained from UnisysCorporation.

The Classic MAPPER system, which runs on proprietary hardware alsoavailable from Unisys Corporation, provides a way for clients topartition data bases into structures called filing cabinets and drawers,as a way to offer a more tangible format. The Mapper data base managerutilizes various predefined highlevel instructions whereby the data baseuser may manipulate the data base to generate human-readable datapresentations called “reports”. The user is permitted to prepare listsof the various predefined high-level instructions into data base managerprograms called “Mapper Runs”. Thus, users of the Classic MAPPER systemmay create, modify, and add to a given data base and also generateperiodic and aperiodic reports using various Mapper Runs.

However, with the Classic MAPPER system, as well as with similarproprietary data base management systems, the user must interface withthe data base using a terminal coupled directly to the proprietarysystem and must access and manipulate the data using the Mapper Runcommand language of Classic MAPPER. Ordinarily, that means that the usermust either be co-located with the hardware which hosts the data basemanagement system or must be coupled to that hardware through dedicatedtelephone, satellite, or other data links. Furthermore, the user usuallyneeds to be schooled in the command language of Classic MAPPER (or otherproprietary data base management system) to be capable of generatingMapper Runs.

Since the advent of large scale, dedicated, proprietary data basemanagement systems, the internet or world wide web has come into being.Unlike closed proprietary data base management systems, the internet hasbecome a world wide bulletin board, permitting all to achieve nearlyequal access using a wide variety of hardware, software, andcommunication protocols. Even though some standardization has developed,one of the important characteristics of the world wide web is itsability to constantly accept new and emerging techniques within a globalframework. Many current users of the internet have utilized severalgenerations of hardware and software from a wide variety of suppliersfrom all over the world. It is not uncommon for current day youngchildren to have ready access to the world wide web and to havesubstantial experience in data access using the internet.

Thus, the major advantage of the internet is its universality. Nearlyanyone, anywhere can become a user. That means that virtually allpersons are potentially internet users without the need for specializedtraining and/or proprietary hardware and software. One can readily seethat providing access to a proprietary data base management system, suchas Classic MAPPER, through the internet would yield an extremelyinexpensive and universally available means for accessing the data whichit contains and such access would be without the need for considerablespecialized training.

There are two basic problems with permitting internet access to aproprietary data base. The first is a matter of security. Because theinternet is basically a means to publish information, great care must betaken to avoid intentional or inadvertent access to certain data byunauthorized internet users. In practice this is substantiallycomplicated by the need to provide various levels of authorization tointernet users to take full advantage of the technique. For example, onemight have a first level involving no special security featuresavailable to any internet user. A second level might be for specificcustomers, whereas a third level might be authorized only for employees.One or more fourth levels of security might be available for officers orothers having specialized data access needs.

Existing data base managers have security systems, of course. However,because of the physical security with a proprietary system, a certaindegree of security is inherent in the limited access. On the other hand,access via the internet is virtually unlimited which makes the securityissue much more acute.

The second major problem is imposed by the internet protocol itself Oneof the characteristics of the internet which makes it so universal isthat any single transaction in HTML language combines a single transfer(or request) from a user coupled with a single response from theinternet server. In general, there is no means for linking multipletransfers (or requests) and multiple responses. In this manner, theinternet utilizes a transaction model which may be referred to as“stateless” and without a command language. The internet user hasessentially only one command in the HTML format, “go-to and display”.This condition ensures that the internet, its users, and its serversremain sufficiently independent during operation that no one entity orgroup of entities can unduly delay or “hang-up” the communicationssystem or any of its major components. Each transmissions results in atermination of the transaction. Thus, there is no general purpose meansto link data from one internet transaction to another, even though incertain specialized applications limited amounts of data may be coupledusing “cookies” or via attaching data to a specific HTML screen.

However, some of the most poweril data base management functions orservices of necessity rely on coupling data from one transaction toanother in dialog fashion. In fact this lining is of the essence ofMapper Runs which assume change of state from one command languagestatement to the next. True statelessness from a first Mapper command tothe next or subsequent Mapper command would preclude much of the powerof Classic MAPPER (or any other modern data base management system) as adata base management tool and would eliminate data base management as wenow know it.

The problem is further complicated, because the syntax of the HTMLinterface does not currently describe a command language. Without such acommand language, the functionality of the data base management systemwhich provides arithmetic, logical, and other data manipulation featurescannot be utilized. However, just implementing the command language ofthe proprietary data base management system using HTML service requestswould obviate the ease of use and nearly universal user familiaritywhich is one of the desirable aspects of providing data base managementsystem access via an internet terminal.

SUMMARY OF THE INVENTION

The present invention overcomes the disadvantages of the prior art byproviding a method of and apparatus for utilizing the power of a fullfeatured data base management system by a user at a terminal coupled tothe world wide web or internet. In order to permit any such access, thepresent invention must first provide a user interface, called a gateway,which translates transaction data transferred from the user over theinternet in HTML format into a format from which data base managementsystem commands and inputs may be generated. The gateway must alsoconvert the data base management system responses and outputs into anHTML document for display on the user's internet terminal. Thus, as aminimum, the gateway must make these format and protocol conversions. Inthe preferred embodiment, the gateway resides in the web server coupledto the user via the world wide web and coupled to proprietary data basemanagement system.

To make access to a proprietary data base by internet users practical, asophisticated security system is required to prevent intentional orinadvertent unauthorized accesses. As discussed above, such a securitysystem should provide multiple levels of access to accommodate a varietyof authorized user categories. In the preferred embodiment of thepresent invention, several levels of data classification are providedand several classes of users are defined. This permits certain levels ofdata to be accessed by one or more of the several classes of user. Thesecurity system may either reside in the web server containing thegateway or may be an existing component of the data base managementsystem.

Whereas the gateway and the security system are the minimum necessary topermit the most rudimentary form of communication between the internetterminal of the user and the proprietary data base management system, asexplained above, the internet is a “stateless” communication systemhaving but a simple, single command; the addition of the gateway and thesecurity system do not change ths condition. To unleash the real powerof the data base management system, the commnunication protocol betweenthe data base and the user requires a rich command language and thusfuinctional interaction between the various data transfers.

The present invention provides a “Data Wizard” which creates commandlanguage script, usable by the data base management system, from aseries of rudimentary HTML service requests of the user. The data wizardis entered from the main menu of the browser at the world wide web userterminal. It functions as a writer of standard query language (SQL)script through inputs it receives from the user as HTML responses tovarious simple inquiries. The data wizard continues to make requests ofthe user until the SQL script has been generated for the desired database management system functions. This SQL script is then defined to theuser by an icon. Clicking that icon will then cause execution of thescript by the data base management system and presentation of theresult(s) to the user as an HTML screen.

This requires state management to be added to the enviromnment. Insteadof considering each transfer from the internet user coupled with thecorresponding server response as an isolated transaction event asdefined by the world wide web, one or more related SQL scriptedfunctions may be functionally associated with a single service requestas defined to the data base management system via the SQL script writtenby the data wizard.

A repository is established to store the state of the SQL scriptsequence. As such, the repository can store intermediate data basemanagement system commands and responses, as well as other dataassociated with the SQL script sequence. Thus, the repository bufferscommands, data, and intermediate products utilized in formattingsubsequent data base management service requests and in formattingsubsequent HTML pages to be displayed to the user.

The transaction data in HTML format received by the server from theuser, along with the state information stored in the repository, areprocessed by a data wizard and the service handler into a sequence ofservice requests in the command language of the data base managementsystem. Sequencing and control of the data base management system is viaan administration module.

Through the use of the data wizard to generate the SQL script, therepository to store the state of the service request sequence, theservice handler to generate data base management command language, andthe administration module, the world wide web user is capable ofperforming each and every data base management function available to anyuser, including a user from a proprietary terminal having a dedicatedcommunication link which is co-located with the proprietary data basemanagement system hardware and software. In addition, the data basemanagement system user at the world wide web terminal is able toaccomplish this in the HTML protocol, without extensive trainingconcerning the command language of the data base management system.

BRIEF DESCRIPTION OF THE DRAWINGS

Other objects of the present invention and many of the attendantadvantages of the present invention will be readily appreciated as thesame becomes better understood by reference to the following detaileddescription when considered in connection with the accompanyingdrawings, in which like reference numerals designate like partsthroughout the figures thereof and wherein:

FIG. 1 is pictographic view of the Cool ICE system coupled between auser on the world wide web and an existing proprietary data basemanagement system;

FIG. 2 is a schematic drawing showing the operation of a multilevelsecurity system in accordance with the preferred embodiment of thepresent invention;

FIG. 3 is a pictographic view of the hardware of the preferredembodiment;

FIG. 4 is a semi-schematic diagram of the operation of the Cool ICEsystem;

FIG. 5 is an overall schematic view of the software of the Cool ICEsystem;

FIG. 6 is a schematic view of a service request;

FIG. 7 shows a schematic view of a service request sequence;

FIG. 8 is a diagrammatic comparison between a dialog-based structure anda service-based structure;

FIG. 9 is a detailed diagram of the storage and utilization of stateinformation within the repository;

FIG. 10 is a flowchart showing operation of the data wizard;

FIG. 11 is a detailed flow diagram showing query definition;

FIG. 12 is a detailed flow diagram showing operation of the ICEadministration module in the enforcement of security; and

FIG. 13 is a schematic diagram showing development of a service by thedata wizard.

DETAILED DESCRIPON OF THE PREFERRED EMBODIMENTS

The present invention is described in accordance with several preferredembodiments which are to be viewed as illustrative without beinglimiting. These several preferred embodiments are based upon Series 2200hardware and operating systems, the Classic MAPPER data base managementsystem, and the Cool ICE software components, all available from UnisysCorporation.

FIG. 1 is an overall pictographic representation of a system 10permitting access to a proprietary data base management system via aninternet terminal. Existing data bases and applications 12 representscommercially available hardware and software systems which typicallyprovide select users with access to proprietary data and data basemanagement functions. In the preferred embodiment, existing data basesand applications 12 represents Series 2200 hardware and operating systemcontaining one or more data bases prepared using Classic MAPPER database management system, all available from Unisys Corporation.Historically, existing data bases and applications 12 could only beaccessed from a dedicated, direct terminal link, either physicallyco-located with the other system elements or connected thereto via asecured dedicated telephonic, satellite, or fiber optic link.

With the preferred mode of the present invention, communication betweennew web application terminal 14 and existing data bases and applications12 is facilitated. As discussed above, this permits nearly universalaccess by users world wide without specialized hardware and/or usertraining. The user effects the access using standardized HTMLtransaction language through world wide web link 16 to the Cool ICEsystem 20, which serves as a world wide web server to world wide weblink 16.

Cool ICE system 20 appears to existing data bases and applications 12 asa data base management system proprietary user terminal over dedicatedlink 18. Oftentimes, dedicated link 18 is an intranet or other localizednetwork link. Cool ICE system 20 is currently available in commercialform without the present invention as Cool ICE Revision Level 1.1 fromUnisys Corporation.

FIG. 2 is a schematic diagram of security system 22 of the preferredmode of the present invention. By way of example, there are fourcategories of service defined, each with its own functionality andportion of the data base. Service A 36 contains data and functions whichshould only be made available to customers. Service B 38 contains dataand functions which should only be made available to customers oremployees. Service C 40 contains data and functions which should only bemade available to employees, and Service D 42, containing the leastrestrictive data and functions may be made available to anyone,including the general public.

In a typical application, Service D 42 might contain the general homepage information of the enterprise. It will consist of only the mostpublic of information. It is likely to include the name, address, e-mailaddress, and phone number of the enterprise, along with the most publicof the business details. Usually, Service D 42 would include means ofpresenting the information in a sufficiently interesting way to enticethe most casual of the public user to make further inquiry and thusbecome more involved with the objectives of the enterprise. Service D 42represents the lowest level of security with data and functionsavailable to all.

Service C 40 is potentially the highest level of classification. Itcontains data and functions which can be made available only toemployees. In actual practice, this might entail a number of sub levelscorresponding to the various levels of authority of the variousemployees. However, some services may be so sensitive that theenterprise decides not to provide any access via the internet. Thismight include such things as strategic planning data and tools, advancedfinancial predictions, specific information regarding individualemployees, marketing plans, etc. The penalty for this extreme securitymeasure is that even authorized individuals are prohibited fromaccessing these services via the internet, and they must take thetrouble to achieve access via an old-fashioned dedicated link.

Customers and employees may share access to Service B 38. Nevertheless,these data and functions are sufficiently sensitive that they are notmade public. Service B 38 likely provides access to productspecifications, delivery schedules and quantities, and pricing.

For customer access only is Service A 36. One would expect marketinginformation, along with specific account information, to be availablehere.

These four service levels (i.e., Service A 36, Service B 38, Service C40, and Service D 42) are regulated in accordance with three securityprofiles. The lowest level of security does not require a securityprofile, because any member of the general public may be granted access.This can be readily seen as guest category 28 (e.g., a member of thepublic) can directly access Service D 42. Of course, all othercategories of user may also directly access Service D 42, because allmembers of the more restrictive categories (e.g., customers andemployees) are also members of the general public (i.e., the leastrestrictive category).

Security Profile #1, 30 permits access to Service A 36 if and only ifthe requester seeking access is a customer and therefore a member ofcustomer category 24. Members of customer category 24 need to identifythemselves with a customer identification code in order to gain access.The assigning and processing of such identification codes are well knownto those of skill in the art.

Similarly, Security Profile #3, 34 permits access to Service C 40 if andonly if the requestor seeking access is an employee and therefore amember of employee category 26. Security Profile #2, 32 permits accessto Service B 38 to requestors from either customer category 24 oremployee category 26, upon receipt of a customer identification code oran employee identification code.

FIG. 3 is a pictorial diagram of hardware suite 44 of the preferredembodiment of the present invention. The client interfaces with thesystem via internet terminal 46. Preferably, internet terminal 46 is anindustry compatible, personalized computer having a current version ofthe Windows operating system and suitable web browser with framescapability, all being readily available commercial products. Internetterminal 46 communicates over world wide web access 48 usingstandardized HTML protocol.

The Cool ICE system is resident in web server 50, which is coupled tointernet terminal 46 via world wide web access 48. In the preferredmode, web server 50 is owned and operated by the enterprise owning andcontrolling the proprietary data base management system. Web server 50may serve as the internet access provider for internet terminal 46wherein world wide web access 48 is typically a dial-up telephone line.This would ordinarily be the case if the shown client were an employeeof the enterprise. On the other band, web server 50 may be a remoteserver site on the internet if the shown client has a different internetaccess provider. This would ordinarily occur if the shown client were acustomer or guest.

In addition to being coupled to world wide web access 48, web server 50,containing the Cool ICE system, is coupled to intranet 52 of theenterprise as shown. Intranet 52 provides the enterprise withcommunication for its internal business purposes. This communication isadministered and managed by enterprise server 54 having enterpriseserver storage facility 56. Thus, employees and others granted accessmay communicate via intranet 52 within the physical security provided bythe enterprise. Also coupled to intranet 52 is departmental server 58having departmental server storage facility 60. Additional departmentalservers (not shown) may be coupled to intranet 52. The enterprise dataand enterprise data base management service functionality typicallyresides within enterprise server 54, departmental server 58, and anyother departmental servers (not shown). Normal operation in accordancewith the prior art would provide access to this data and data basemanagement functionality via intranet 52 to users directly coupled tointranet 52.

In the preferred mode of the present invention, access to this data anddata base management functionality is also provided to users (e.g.,internet terminal 46) not directly coupled to intranet 52, butindirectly coupled to intranet 52 via web server 50. As explained belowin more detail, web server 50 provides this access utilizing the CoolICE system resident in web server 50.

FIG. 4 is pictographic view of the system of FIG. 3 with particulardetail showing the organization and operation of the Cool ICE system 62,which is resident in the web server (see also FIG. 3). In this view, theclient accesses the data base management system within the enterprisevia internet terminal 54 which is coupled to the web server 68 by worldwide web path 66. Again, the internet terminal 54 is preferably anindustry standard computer utilizing a commercially available webbrowser.

The basic request/response format of the Cool ICE system involves a“service” (defined in greater detail below) which is an object of theCool ICE system. The service is a predefined operation or relatedsequence of operations which provide the client with a desired static ordynamic result. The services are categorized by the language in whichthey were developed. Whereas all services are developed with client-sidescripting which is compatible with internet terminal 54 (e.g., HTML),the server-side scripting defines the service category. Native servicesutilize Cool ICE script for all server-side scripting. On the otherhand, open services may have server-side scripting in a variety ofcommon commercial languages including Jscript, VBScript, ActiveXcontrols, and HTML. Because native services are developed in the CoolICE language, greater development flexibility and variety are availablewith this technique.

Web server 68 provides open server processor 70 for Active Server Pages(ASP's) which have been developed as open services and Default ASPprocessor 72 for native services. After the appropriate decoding (i.e.,native or open service), a call to the corresponding Cool ICE object 74is initiated as shown. The selected object is processed by Cool ICEengine 76.

Repository 80 is a storage resource for long term storage of the CoolICE objects and short term storage of the state of a particular service.Further details concerning repository 80 may be found by consulting theabove referenced, commonly-assigned, co-pending U.S. Patent Application.In the preferred mode of the present invention, the objects stored inrepository 80 are typically very similar to mapper runs as describedabove. For a more detailed description of mapper runs, Classic MAPPERUser Manual is available from Unisys Corporation and incorporated hereinby reference. In the more general case, repository 80 would typicallystore predefined sequences of statements in the command language of theenterprise data base management system(s) to be accessed.

Cool ICE engine 76 sequences these previously stored command statementsand uses them to communicate via intranet 84 with the data basemanagement system(s) (e.g., Classic Mapper) resident on enterpriseserver 86 and departmental server 88. The short term storage capabilityof repository 80 is utilized by Cool ICE engine 76 to store the stateand intermediate products of each service until the processing sequencehas been completed. Following completion, Cool ICE engine 76 retrievesthe intermediate products from repository 80 and internet formats theoutput response to the client, which is transferred to intemet terminal54 via web server 68 and world wide web path 66.

Cool ICE Administrator 82 is available for coordination of the operationof Cool ICE system 62 and thus can resolve conflicts, set run-timepriorities, deal with security issues, and serve as a developmentalresource. Graphing engine 78 is available to efficiently providegraphical representations of data to be a part of the response of aservice. This tends to be a particularly useful utility, because many ofthe existing data base management systems have relatively sparseresources for graphical presentation of data.

The combination of Cool ICE engine 76 and repository 80 permits a rathersimplistic service request from internet terminal 54 in dialog format toinitiate a rather complex series of data base management systemfunctions. In doing so, Cool ICE engine 76 emulates an intranet user ofthe data base management system(s) resident on enterprise server 86and/or departmental server 88. This emulation is only made possible,because repository 80 stores sequences of command language statements(i.e., the logic of the service request) and intermediate products(i.e., the state of the service request). It is these functions whichare not available in ordinary dialog on the world wide web and aretherefore not even defined in that environment.

FIG. 5 is a schematic diagram 90 of the software components of the CoolICE system and the software components to which it interfaces in thepreferred mode of the present invention for responding to a Cool ICEservice request. The client user of the Cool ICE system interfacesdirectly with web browser 92 which is resident on internet terminal 54(see also FIG. 4). Web browser 92 is a commercially available browseroperating under a current version of the Windows operating system (e.g.,Windows 95). The only special requirement of web browser 92 is that itbe capable of supporting frames.

Web browser 92 communicates with web server software 96 via internetstandard protocol using HTML language using world wide web path 94. Webserver software 96 is also commercially available software, which is, ofcourse, appropriate for to the web server host hardware configuration.In the preferred mode of the present invention, web server software 96is hosted on a Series 2200 mainframe available from Unisys Corporation,from which web server software 96 is readily available.

Cool ICE system software 98 consists of Cool ICE Gateway 100, Cool ICEservice handler 102, Cool ICE administration 104, Cool ICE repository106, and Cool ICE scripting 108. It is these five software modules whichinterface to web server software 96 in HTML using a dialog format andinterface to data base management system interconnect 110 in the commandlanguage of the enterprise data base management system(s) (i.e., ClassicMAPPER in the preferred mode of the present invention).

Cool ICE gateway 100 is the interface between standard, commerciallyavailable, web server software 96 and the internal Cool ICE systemlanguage and logic. As such, Cool ICE gateway 100 translates the dialogformat, incoming HTML service request into internal Cool ICE language.and protocol. Intrinsic in this translation is a determination of theserve category (see also FIG. 4)—that is whether the service request isa native service (i.e., with Cool ICE server-side scripting) or an openservice (i.e., with server-side scripting in another commerciallanguage).

The service request, received from Cool ICE gateway 100, is utilized byCool ICE service handler 102 to request the corresponding object fromCool ICE repository 106 and to open temporary state storage using CoolICE repository 106. Cool ICE scripting 108 is called to translate theserver-side scripting of an open service request as necessary. Cool ICEservice handler 102 sequences through the command language statements ofthe object received from Cool ICE repository 106 and forwards eachcommand in turn to data base management system software 114 foraccessing of the enterprise proprietary data base management system.Cool ICE service handler 102 receives each of the intermediate productsfrom data base management system software 114 and transfers each to CoolICE repository 106 for temporary storage until completion of the servicerequest. Cool ICE service handler 102 retrieves the intermediateproducts from Cool ICE repository 106 upon completion of the servicerequest and formulates the Cool ICE response for transfer to browser 92via web server software 96 and world wide web path 94.

Cool ICE administration 104 implements automatic and manual control ofthe process. It provides for record keeping, for resolution of certainsecurity issues, and for development of further Cool ICE objects.Interconnect 110 and interconnect 112 are software interface modules forcommunicating over the enterprise intranet (see also FIG. 4). Thesemodules are dependent upon the remaining proprietary hardware andsoftware elements coupled to the enterprise intranet system. In thepreferred mode of the present invention, these are commerciallyavailable from Unisys Corporation.

FIG. 6 is a schematic diagram 116 showing the processing of a servicerequest by the Cool ICE system. Screen 118 is the view as seen by theclient or user at an internet terminal (see also FIG. 4). This screen isproduced by the commercially available browser 120 selected by the user.Any such industry standard browser is suitable, if it has the capabilityto handle frames. The language of screen 118 is HTML 124. Hyperlinks 126is used in locating the URL of the Cool ICE resident server. In manyinstances, this will simply be the internet access provider of theinternet terminal, as when the internet terminal is owned by theenterprise and the user is an employee. However, when the user is not anemployee and the internet terminal is not necessarily owned by theenterprise, it becomes more likely that hyperlinks 126 identifies aremotely located server.

Icon 122 is a means of expressly identifying a particular servicerequest. Such use of an icon is deemed to be unique. Additional detailconcerning this use of an icon is available in the above identified,commonly assigned, co-pending U.S. Patent application. Window area 128provides for the entry of any necessary or helpful input parameters. Notshown are possible prompts for entry of this data, which may be definedat the time of service request development. Submit button provides theuser with a convenient means to transmit the service request to the webserver in which the Cool ICE system is resident.

Upon “clicking on” submit button 130, screen 118 is transmitted to webserver 136 via world wide web path 132. As discussed above, world wideweb path 132 may be a telephonic dial-up of web server 136 or it mightbe a long and complex path along the internet if web server 136 isremote from the originating internet terminal. Web server 136 is thesoftware which performs the retrieval of screen 118 from world wide webpath 132.

Screen 118 is transferred from web server 136 to Cool ICE gateway 138,wherein it is converted to the internal Cool ICE protocol and language.A browser input file is opened at storage resource 146 via path 140.Thus the initial service request can be accessed from storage resource146 during processing up until the final result is transferred back tothe user. This access readily permits multi-step and iterative servicerequest processing, even though the service request was transferred as asingle internet dialog element. This storage technique also providesinitially received input parameters to later steps in the processing ofthe service request.

Cool ICE gateway 138 notifies Cool ICE service handler 156 that aservice request has been received and logged in. The service requestitself is utilized by Cool ICE service handler 156 to retrieve apreviously stored sequence of data base management system commandstatements from repository 166. Thus, in the general case, a singleservice request will result in the execution of a number of ordered database management system commands. The exact sequence of these commands isdefined by the service request developer as explained in more detailbelow.

Service input parameters 170 is prepared from the service request itselfand from the command sequence stored in repository 166 as shown by path164. This list of input parameters is actually stored in a dedicatedportion of repository 166 awaiting processing of the service request.

Each command statement from repository 166 identified with the servicerequest is equentially presented to Cool ICE service 168 for processingvia path 160. The corresponding input parameter from service inputparameters 170 is coupled with each command statement via path 176 toproduce an appropriate query of the enterprise data base managementsystem at Cool ICE service 168. After the enterprise data basemanagement system has responded to a given query, the intermediateproducts are stored as entries in HTML document 172 which is also storedin a dedicated portion of repository 166.

After all command statements corresponding to the service request havebeen processed by the enterprise data base management system and HTMLdocument 172 has been completed, the result is provided via path 156 toCool ICE service handler 156 for temporary storage as a browser outputfile in storage resource 154 via path 152. Cool ICE gateway 138 receivesthe browser output file via path 148. The response is converted to HTMLprotocol and transferred by web server 136 and world wide web path 134to be presented to the user as a modified screen (not shown).

FIG. 7 is a pictographic drawing 178 of one of the development processesfor creating a Cool ICE service. HTML document 180 is created utilizingany commercially available standard HTML authoring tool (e.g., MicrosoftFrontPage). The resulting HTML document 180 is stored as a normal HTMfile. This file will be utilized as a template of the service to bedeveloped.

The authoring process moves along path 182 to invoke the administrationmodule of the Cool ICE system at element 184. The new dynamic service iscreated using HTML document 180 stored as a normal HTM file as atemplate. As HTML document 180 is imported into Cool ICE, sequences ofscript for the beginning and end of the HTML code are automaticallyappended to the service. Required images, if any, are also uploaded ontothe web server (see also FIGS. 5 and 6). The service is edited byinserting additional Cool ICE script, as required. A more detaileddescription of the editing process may be found in Cool ICE User'sGuide, Revision 1.1, available from Unisys Corporation and incorporatedherein by reference.

The completed service script is transferred along path 186 to element188 for storage. The service is stored as an object in the repository(see also FIGS. 5 and 6). Storage is effected within the appropriatecategory 190 as discussed above, along with services 192, 194, and 196within the same category.

The process proceeds along path 198 to element 200 for testing. Toperform the testing, the URL for the newly created service is enteredinto the browser of the internet terminal, if known. The typical URL isas follows:

http://machine-name/lCEGate/Category/Service

If the URL for the new service is not known, a list of the availableservices may be determined from the Cool ICE system by specifying theCool ICE URL as follows:

http;://machine-name/ICEGate

This call will result in a presentation of a menu containing the definedcategories. Selecting a category from the list will result in a menu forthe services defined within that category. The desired service can thusbe selected for testing. Selection of the service by either means willresult in presentation of the HTML page as shown at element 200.

The process proceeds to element 204 via path 202, wherein the HTML pagemay be enhanced. This is accomplished by exporting the HTML documentfrom the Cool ICE administration module to a directory for modification.By proceeding back to HTML document 180 via path 208, the exported HTMLtemplate is available for modification using a standard HTML authoringtool. After satisfactory completion, the finished HTML document is savedfor future use.

This process for creating a Cool ICE service request is particularlyuseful for the experienced author. It provides the most direct resultbut requires some knowledge of the scripting procedure.

FIG. 8 is a diagram showing a comparison between dialog-based structure210 and service-based structure 212. Dialog-based structure 210 is thenorm for the typical existing proprietary data base management system(e.g., Classic MAPPER). The user, normally sitting at a dedicated userterminal, transfers output screen 214 to the data base management systemto request a service. The user terminal and its normally dedicated linkare suspended at element 216 to permit transfer and operation of thedata base management system. The input is validated at element 218,while the user terminal and its normally dedicated link remainssuspended.

The data base management system processes the service request at element220 while the user terminal remains suspended. Output occurs at element222 thereby releasing the suspension of the user terminal. Thus, a truedialog is effected, because one part of the dialog pair (i.e., the userterminal) is suspended awaiting response from the data base managementsystem. This type of dialog is best accomplished in an environmentwherein at least the user terminal (or data base management system) isdedicated to the dialog, along with the link between user terminal anddata base management system.

Service-based structure 212 illustrates on of the basic constraints ofthe world wide web protocol. To ensure that each of the elements on theworld wide web are sufficiently independent to prevent one element fromunduly delaying or “hanging-up” another element to which it is coupledawaiting a response, the communication protocol forces a terminationafter each transmission. As can be readily seen, even the simplestdialog requires at least separate and independent transactions orservices. The first service, Service 224, involves the transmissions ofoutput form 228 from the internet user terminal. This transmission isimmediately and automatically followed by termination 230 to ensureindependence of the sender and receiver.

The second service, Service 226, enables the receiver of output form 228to process the request and output an appropriate response. Thevalidation of the input at element 232, processing 234, and output 236all occur within the receiver of output form 228. Immediately andautomatically, termination 238 follows. Thus, if internet transactionsare to be linked into a true dialog to permit data base managementfunctions, the state must be saved from one service to the next astaught herein.

In the preferred mode of the present invention, the state of a serviceis saved in the repository (see also FIGS. 4 and 5) for use in the nextor subsequent services.

FIG. 9 is a schematic diagram 240 of the preferred mode of the presentinvention showing normal data flow during operation, with specialattention to the state saving feature. Work station 242 is an industrycompatible personal computer operating under a commonly availableoperating system such as Windows 95. Browser 244 is a standard,commercially available web browser having frames capability. Path 248 isthe normal world wide web path between work station 242 and web server254 for the transfer of service requests and input data. These transfersare converted by Cool ICE gateway 256 as explained above and sent toCool ICE service handler 258 via path 266 for disposition.

The service request for data andlor another function is converted intothe data base management language by reference to the service definitionportion of repository 262 through reference along path 276. The actualcommand language of the data base management system is utilized overpath 286 to access data base 264. The resultant data from data base 264is transferred to Cool ICE administrator 290 via path 288. State manager260 determines whether the original service request requires additionalqueries to data base 264 for completion of the dialog. If yes, theresultant data just received from data base 264 is transferred via path284 to repository 262 for temporary storage, and the next query isinitiated over path 286, and the process is repeated. This is the statesaving pathway which is required to provide the user of the Cool ICEsystem to function in a dialog form over the world wide web.

Upon receipt of the resultant data from the final query of data base264, state manager 260 determines that the service request is nowcomplete. State manager 260 notifies repository 262 via path 280, andthe intermediate products are retrieved from temporary storage inrepository 262 via path 278 and supplied to Cool ICE service handler 258via path 272 for formatting. State manager 260 then clears theintermediate products from temporary storage in repository 262 via path282. The final response to the service request is sent to Cool ICEgateway 256 via path 270 for translation and to browser 244 via path250.

FIG. 10 is a detailed flowchart 300 showing the process for authoring aCool ICE service in SQL utilizing the data wizard. Entry is made atelement 302. This is accomplished by the user who enters from the datawizard request on the user's standard browser. The user actually clickson the data wizard button of the Cool ICE home page, which appears ifthe user-id indicates that the user is to have service developmentaccess to Cool ICE. This causes an HTML page to be transmitted to theCool ICE system requesting the initiation of the data wizard scriptwriting tool. The HTML page also indicates whether the request is tocreate a new Cool ICE service or to review (and possibly modify, copy,etc.) an existing Cool ICE service.

If the request is to create a new Cool ICE service as determined byelement 306, control is given via path 308 to element 312 for selectionof the data source. This data source may be co-located with the Cool ICEsystem or may reside at some remote location. Though it is transparentto the user whether the data is co-located, it involves additionalscripting to fetch data from a remote location. Cool ICE supports localdatabases ODBC (CORE level, 32-bit), Oracle, Sybase, Microsoft SQL, andUnisys MAPPER Query Language. Cool ICE supports remote databasesMicrosoft SQL, Informix, ODBC (CORE level, 32-bit drivers), Oracle,Sybase, Ingres, Unisys MAPPER Query Language, Unisys Relational DatabaseManagement System (RDMS), and Unisys A Series Query Language (ASQL). Upto five different data bases may be utilized through the use of the JOINTABLES option.

The security profile is checked and verified at element 334. Asdiscussed more fully in the above identified co-pending applications,this security profile can specify access to a database, a table, or evenan individual column of data within a table (see also FIG. 12). Element338 refines the data base management system query to be used. At thatpoint, the security profile may need to be reverified and control may bereturned to element 334 via path 336. This iterative verification of thesecurity profile is necessary as the query is refined, because therefining process may indicate other data elements which must beaccessed. Of course, this reverification is most likely if the governingsecurity profile specifies access to only individual columns within atable. After the security has been completely verified, element 334creates and displays a table from the specified data sources. A morecomplete description concerning the refining process is found below inreference to FIG. 11.

The completed query is a sequence of command statements scripted in theSQL language, Cool ICE script, or a combination involving Cool ICEreports stored in the repository. It defines all of the data basemanagement system functions which must be executed to properly respondto the to service request made by the user at the internet terminal.This completed query is saved in the repository (see above) by element340. The query may be saved as both a query definition service and as adynamic HTML service along path 342 Thus the completed service may beeasily called for subsequent use.

Following saving of the completed query definition, path 344 permitselement 350 to set a security profile for the service just defined. Thissecurity profile specifies which user-id(s) may access this service. Theservice will not appear on the Cool ICE main menu or on the data wizardservice list for any user-id not thus specified as a user of theservice.

Path 346 permits execution of a selected query service at element 352.The user may exit data wizard at element 354 via path 348.

When element 306 determines that an initial user request is to view anexisting query definition, path 310 provides control to element 314. Ifthe user-id of the requestor matches with the security profile of theexiting query definition, element 314 displays the query definition byformatting and transmitting an HTML screen to the user internetterminal. As explained above, the security profile given to the existingquery definition, if any, will determine whether it will even appear onthe user menu. The user is then given the option via a menu selection ofone of paths 316, 318, 320, 322, 324, or 326.

Path 316 permits creation of a new query definition. Path 318 providesfor copying of an existing query definition. Path 320 producesopportunity to modify an existing query definition. In each of thesethree cases, path 328 gives control to element 312 for creation ormodification of the query definition in accordance with the processdescribed above.

Path 322 provides for removal of the query definition. In this instance,an obsolete query definition may be erased from the repository.

Path 324 is available to change the security profile for a givenselected query definition. Control is given to element 350 via path 330and the security profile is modified as discussed above. Path 326 givesthe user the opportunity to execute an existing query definition.Element 352 receives control from path 332 and executes the existingquery definition as discussed above.

FIG. 11 is a detailed diagram 356 of the query definition refiningprocess wherein elements 358, 360, 376, and 378 correspond to elements334, 338, 340, and 336, respectively, of FIG. 10 Upon presentation ofthe selected data sources table, the query definition may be refined atelement 3608. The options available are:

1. add a where clause that defines up to five conditions for retrievingdata from the report or table along path 362 or an order by clause alongpath 364;

2. Sort the table or report according to the data in up to five columns;

3. Analyze and summarize selected data in the report or table via path366. For each column a total value, average the data, select a minimumcolumn value, or select a maximum column value may be computed.

4. Perform calculations on the data via path 368. The data wizard cancompute, compare, and replace numeric data, character strings, dates,and times in selected columns.

5. Reformat or define how the selected data appears when the Cool ICEservice for this query definition is executed via path 370. Using thereformat option enables definition of the column order, field size, andcolumn headings.

6. Create a graph of the data via path 374. The definition of the graphmay be saved as part of the query definition.

Basically, refining a query definition is a three-step process. Thethree steps are: where and order by; analyze, calculate, and reformat;and create a graph or selectively view any or all columns. The usersimply makes the selections on the user menu and clicks on the desiredresult. The data wizard applies the specific refining action andredisplays the resultant screen.

FIG. 12 is a detailed flow diagram 380 of the functions performed by theCool ICE administration module (see also FIGS. 4, 5, and 9) for querydefinition. The primary responsibility of Cool ICE administration module382 is to register with the required local and remote data bases neededfor the query definition. Path 384 provides for such registration.

In order for registration to take place, Cool ICE administration promptsthe user with one or more HTML screens for entry of the data needed toidentify and register the data bases. For each data base to be utilized,the user must supply information such as the TCP/IP address, data basetype (e.g., ODBC, MQL, etc.), user-id, user password, and logical namefor this data source within Cool ICE. Access to a particular data basemay be for the entire data base as with path 384, only specified tableswithin the data base as with path 386, or only with specified columnswith specified tables within the data base as with path 388. In eachinstance, the user-id and user password supplied must correspond to theaccess specified.

Path 390 permits the user to create a security profile for the querydefinition. It is axiomatic that the user can define a security profilewhich is more restrictive than the user's own security profile, butcannot define a less restrictive profile. As with all Cool ICE securityprofiles, access may be granted by entire data base, by select tableswithin the data base, or by select columns within select tables withinthe data base.

Security profiles are allocated to individual users via path 392. In atypical application, certain employees might have access to the querydefinition and all of the resulting response, whereas others may haveaccess to the query definition but have access to only a portion (bytable and/or column) of the resulting response. Yet others would bedenied any access.

FIG. 13 is a detailed schematic diagram 394 of query definition usingthe data wizard. The user, at internet workstation 396, activatescommercially available world wide web browser 398 and accesses the CoolICE homepage via world wide web paths 406, 408, and 412 using thepreviously defined URL. The Cool ICE homepage has a button for callingdata wizard 420 for query definition.

Cool ICE data wizard 420 determines the nature of the service request(see also FIG. 10) and begins processing. Paths 414 and 416 enable CoolICE administration module 432 to register the required data bases (seealso FIG. 12). The resulting SQL script generated by data wizard 420 istransferred to repository 438 via path 430 for storage at querydefinition storage area 436.

Execution of an existing data wizard scripted query definition isaccomplished by Cool ICE engine 428 which is essentially the ClassicMAPPER data base management system in the preferred mode of the presentinvention. The script is accessed from storage and transferred to CoolICE engine 428 via path 434. Accesses to remote database(s) 422 is viaworld wide web paths 424 and 426.

The resultant report produced by execution of the query definitionscript is transferred to data wizard 420 via path 418 for formatting.The response is then transferred to service handler 402 via path 410 fortransfer via world wide web path 412 as an HTML page which is presentedto the user on workstation 396.

Having thus described the preferred embodiments of the presentinvention, those of skill in the art will be readily able to adapt theteachings found herein to yet other embodiments within the scope of theclaims hereto attached.

We claim:
 1. In a data processing environment having a user terminalcoupled to a publicly accessible digital communications network withservice requests in a service-based structure and having a data basemanagement system for responding to service requests in a commandlanguage script, the improvement comprising: server responsively coupledto said user terminal via said publicly accessible digitalcommunications network and responsively coupled to said data basemanagement system wherein said server includes a data wizard forgenerating service requests in said command language script from saidservice requests in said service-based structure.
 2. The improvementaccording to claim 1 wherein said server includes a repository forstoring said command language script.
 3. The improvement according toclaim 2 wherein said publicly accessible digital communications networkis the world wide web.
 4. The improvement according to claim 3 includinga second data base management system remote from said server andresponsively coupled to said server via said world wide web and whereinsaid server further comprises a service handler for responding to saidservice requests using access to said second data base managementsystem.
 5. The improvement according to claim 4 wherein said data basemanagement system is Classic MAPPER.
 6. An apparatus comprising: a. auser terminal; b. a publicly accessible digital communications networkhaving a service-based request language coupled to said user terminal;c. a server responsively coupled to said user terminal via said publiclyaccessible digital communications network; d. a data base managementsystem having a command language script responsively coupled to saidserver; and e. a data wizard located within said server and responsivelycoupled to said data base management system which translates saidservice-based request language into said command language script.
 7. Theapparatus of claim 6 wherein said server has a storage facility forstoring said command language script.
 8. The appaatus of claim 7 whereinsaid data base management system is responsively coupled to said servervia said publicly accessible digital communications network.
 9. Theapparatus of claim 8 wherein said publicly accessible digitalcommunications network is the world wide web.
 10. The apparatus of claim9 wherein said user terminal is an industry compatible personal computerhaving a commercially available web browser.
 11. A method of using auser terminal utilizing service-based data requests to access a database management system responding to command language script comprising:a. transmitting a service-based request from said user terminal to adata wizard; b. transmitting a request for input from said data wizardto said user terminal; c. transmitting said input from said userterminal to said data wizard; d. converting said service-based requestand said input into an ordered sequence of said command language script;e. transferring said ordered sequence of command language script to saiddata base management system; f. receiving a subsequent response fromdata base management system corresponding to said ordered sequence ofcommand language script; and h. transferring a service-based responsecorresponding to said subsequent response to said user terminal.
 12. Amethod according to claim 11 further comprising storing said orderedsequence of command language script for future use.
 13. A methodaccording to claim 12 further comprising accessing said stored order ofcommand language script in response to a subsequent service-basedrequest from said user.
 14. A method according to claim 13 wherein saidtransmitting steps further comprise transmitting over the world wideweb.
 15. A method according to claim 14 wherein said data basemanagement system includes a Cool ICE system.
 16. An apparatuscomprising: a. means for permitting a user to interact with a digitaldata base; b. means responsively coupled to said permitting means forproviding said user with access to a publicly accessible digitalcommunication network via service-based requests; c. means responsivelycoupled to said permitting means for offering data processing servicesaccording to command language script; and e. means responsively coupledto said offering means and said permitting means for convertingservice-based requests to said command language script.
 17. An apparatusaccording to claim 16 wherein said publicly accessible digitalcommunication network further comprises the world wide web.
 18. Anapparatus according to claim 17 wherein said converting means furthercomprises means for requesting further input from said user andutilizing said further input to write said command language script. 19.An apparatus according to claim 18 wherein said offering means furthercomprises Cool ICE system.
 20. An apparatus according to claim 19wherein said permitting means further comprises an industry standardpersonal computer.